what rights to the folder are needed for mkdir ("name", rights); so that no one from the browser could open the files in this folder but it was possible to create php code to create files into a folder and take content from them (from files)
- Those who “from the browser” act through the web server - see under which user and group the web server process works for you (nginx or apache). The "php code" works either in conjunction with a web server, and then they cannot be separated by disk access rights, or by a separate php-fpm process that can be under the same or under another user. If under another - you can solve your problem rights. - Sergiks
- What is your web server? How does php work? - Sergiks
|
4 answers
Most likely, the rights to the folder will not solve your problem.
Usually, files that should not be accessible from the browser are simply kept out of the folders accessible from the web.
For example, the popular WordPress engine allows you to keep a “secret” file with configs both in the root of the site and one level higher to protect its content:
/var/www/site/ wpconfig.php <- это «секретный» файл public/ <- это корень веб-сайта index.php и прочие файлы 
Sergiks Sergiks
28.2k 3 gold marks 39 silver marks 78 bronze marks
|
in .htaccess it is necessary to register Deny from all
BedOmar BedOmar
283 3 silver marks 13 bronze marks
|
As an option in .htaccess to prescribe a ban on viewing all folders
Options All -Indexes 
mazaHELL mazaHELL
111 2 bronze marks
|
# # Set default safe rights to web folder # SITENAME=${2%/} DIR=${1%/} # files STATUS="Setting 644 for files $DIR" echo -n $STATUS find $DIR -type f -exec chmod 644 {} \; echo -e "\r$STATUS [OK]" # dirs STATUS='Setting 755 for directories' echo -n $STATUS find $DIR -type d -exec chmod 755 {} \; echo -e "\r$STATUS [OK]" #user and group DATE=`date +%S%N` FILE="$DATE.php" cd $DIR mkdir $DATE echo "<?php\n" > $DIR/$DATE/$FILE echo "echo exec('id');" >> $DIR/$DATE/$FILE USER=`curl -s "$SITENAME/$DATE/$FILE" | cut -d ' ' -f 1 | cut -d '(' -f 2 | cut -d ')' -f 1` GROUP=`curl -s "$SITENAME/$DATE/$FILE" | cut -d ' ' -f 2 | cut -d '(' -f 2 | cut -d ')' -f 1` rm -f $DIR/$DATE/$FILE rmdir $DIR/$DATE STATUS="Setting owner of directory to user: $USER and group: $GROUP "; echo -n $STATUS chown -R $USER:$GROUP $DIR echo -e "\r$STATUS [OK]\n\n" I wrote a script for myself. The first argument is the path to the root directory, the second is the web path (domain)
Example:
sh rights.sh /var/www/site http://site.ru What does the script do?
- Sets the permissions on folders 755
- Sets file permissions 644
- Defines the user and group under which the script is launched by the apache and assigns it the owner of files and folders.
After that, all the scripts will work fine and rights should suffice. If the problem is with mkdir , then perhaps you are trying to create several directories recursively, and this is possible only if a special parameter is passed.
Example:
mkdir ('/path/to/recursive/dir', 0755, true) 
s4urp8n s4urp8n
344 1 silver mark 10 bronze marks
|